AVCare

Updated:
July 27, 2009 12:58:13 PM
Type:
Misleading Application
Name:
AV Care
Version:
1.0.4.0
Publisher:
AVCare Inc.
Risk Impact:
Medium
Systems Affected:
Windows
Behavior
The program must be manually installed.

The program reports false or exaggerated system security threats on the computer.





The user is then prompted to pay for a full license of the application in order to remove the threats.





Installation
When the program is executed, it creates the following files:
  • %UserProfile%\Desktop\AV Care.lnk
  • %UserProfile%\Start Menu\Programs\AV Care\AV Care.lnk
  • %ProgramFiles%\AV Care\avc.ico
  • %ProgramFiles%\AV Care\AVCare.dat
  • %ProgramFiles%\AV Care\AVCare.exe
  • %ProgramFiles%\AV Care\AVCare.ini
  • %ProgramFiles%\AV Care\PP.exe
  • %ProgramFiles%\AV Care\Uninstall.exe


Next, the program creates the following registry entry/ies so that it executes whenever Windows starts:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"AV Care" = "C:\Program Files\AV Care\AvCare.exe"

It also creates the following registry subkeys:
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Paint
  • HKEY_LOCAL_MACHINE\SOFTWARE\AV Care
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AV Care
Summary| Technical Details| Removal

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube